Does doBoard Addon for Gravity Forms / Project management / Task management have any unpatched vulnerabilities?

No. All known vulnerabilities in doBoard Addon for Gravity Forms / Project management / Task management have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is doBoard Addon for Gravity Forms / Project management / Task management compatible with WordPress 6.9.4?

According to WordPress.org data, doBoard Addon for Gravity Forms / Project management / Task management 1.1.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

doBoard Addon for Gravity Forms / Project management / Task management Security & Risk Analysis

wordpress.org/plugins/cleantalk-doboard-add-on-for-gravity-forms

Organize and track all messages from your site. Gravity Forms, upgraded with Project Management (PM).

0 active installs v1.1.1 PHP + WP 5.6+ Updated Jan 26, 2026

doboardgravityprojectproject-managementtask

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is doBoard Addon for Gravity Forms / Project management / Task management Safe to Use in 2026?

Generally Safe

Score 100/100

doBoard Addon for Gravity Forms / Project management / Task management has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "cleantalk-doboard-add-on-for-gravity-forms" plugin v1.1.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and having a high rate of properly escaped output. The absence of known vulnerabilities in its history is also a strong indicator of its current security.

However, significant concerns arise from the static analysis. A notable attack surface is exposed through three AJAX handlers, all of which lack authentication checks. This means that any authenticated user, regardless of their role or permissions, could potentially trigger these handlers, leading to unintended actions or information disclosure. While there are nonce checks present, their presence alone does not mitigate the lack of proper capability checks on these AJAX endpoints. The single external HTTP request, while not inherently a vulnerability, warrants further investigation to ensure it is being made securely and not to a potentially malicious endpoint.

In conclusion, the plugin's core code appears robust with regards to data handling (SQL and output escaping) and has a clean historical record. However, the critical oversight of exposing AJAX handlers without proper authentication checks introduces a substantial risk. The absence of capability checks on these endpoints is a significant security weakness that needs to be addressed.

Key Concerns

AJAX handlers without authentication checks
AJAX handlers without capability checks

Vulnerabilities

None known

doBoard Addon for Gravity Forms / Project management / Task management Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

doBoard Addon for Gravity Forms / Project management / Task management Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

21 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

95% escaped22 total outputs

Attack Surface

3 unprotected

doBoard Addon for Gravity Forms / Project management / Task management Attack Surface

Entry Points3

Unprotected3

AJAX Handlers 3

authwp_ajax_ct_gf_doboard_get_projectsincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:148

authwp_ajax_ct_gf_doboard_get_task_boardsincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:160

authwp_ajax_ct_gf_doboard_get_labelsincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:173

WordPress Hooks 7

actiongform_loadedcleantalk-doboard-add-on-for-gravity-forms.php:35

filterplugin_row_metaincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:139

actionadmin_enqueue_scriptsincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:142

filtergform_notificationincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:143

actiongform_after_submissionincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:144

actiongform_entry_infoincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:145

filtergform_pre_send_emailincludes\class-cleantalk-doboard-add-on-for-gravity-forms.php:556

Maintenance & Trust

doBoard Addon for Gravity Forms / Project management / Task management Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 26, 2026

PHP min version

Downloads343

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

doBoard Addon for Gravity Forms / Project management / Task management Alternatives

Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker

wedevs-project-manager

Ease Project Management and Task Management using a powerful project manager with Kanban board, Gantt chart, milestone tracking & project reporting.

7K 1 unpatched

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration

fluent-boards

The Simplest Project & Task Management Plugin Specifically Crafted for Agencies, Freelancers & Founders.

6K 2 CVEs

Taskbuilder – Project Management & Task Management Tool With Kanban Board

taskbuilder

Taskbuilder is a project management and task management plugin for WordPress with Kanban-style boards to organize and track work.

800 11 CVEs

TaskBreaker – Group Project Management

taskbreaker-project-management

A simple WordPress plugin for managing projects and tasks. Integrated into BuddyPress Groups for best collaborative experience.

200 No CVEs

CollabPress

collabpress

Project management and task tracking software for WordPress

90 No CVEs

Developer Profile

doBoard Addon for Gravity Forms / Project management / Task management Developer Profile

CleanTalk Inc

5 plugins · 230K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

571 days

View full developer profile

Detection Fingerprints

How We Detect doBoard Addon for Gravity Forms / Project management / Task management

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cleantalk-doboard-add-on-for-gravity-forms/assets/css/ct-doboard-settings.css/wp-content/plugins/cleantalk-doboard-add-on-for-gravity-forms/assets/js/ct-doboard-settings.js

Script Paths

/wp-content/plugins/cleantalk-doboard-add-on-for-gravity-forms/assets/js/ct-doboard-settings.js

Version Parameters

cleantalk-doboard-add-on-for-gravity-forms/assets/css/ct-doboard-settings.css?ver=cleantalk-doboard-add-on-for-gravity-forms/assets/js/ct-doboard-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

ct-doboard-settings-wrap

Data Attributes

data-feed-iddata-account-iddata-session-iddata-project-iddata-task-board-id

JS Globals

ct_gf_doboard_settings

REST Endpoints

/wp-json/ct_gf_doboard/v1/projects/wp-json/ct_gf_doboard/v1/task_boards/wp-json/ct_gf_doboard/v1/labels

FAQ